WO2020170316A1 - Information processing device - Google Patents

Information processing device

Info

Publication number
WO2020170316A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
signal point
information
base
unit
Prior art date
Application number
PCT/JP2019/005903
Other languages
English (en)
Japanese (ja)
Inventor
研太郎 加藤
Original Assignee
学校法人玉川学園
Priority date
Filing date
Publication date
Application filed by 学校法人玉川学園
Priority to PCT/JP2019/005903
Priority to JP2021501168A (JP7072958B2)
Priority to US17/431,487 (US20220136848A1)
Publication of WO2020170316A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04K SECRET COMMUNICATION; JAMMING OF COMMUNICATION
    • H04K1/00 Secret communication
    • H04K1/06 Secret communication by transmitting the information or elements thereof at unnatural speeds or in jumbled order or backwards
    • G PHYSICS
    • G01 MEASURING; TESTING
    • G01C MEASURING DISTANCES, LEVELS OR BEARINGS; SURVEYING; NAVIGATION; GYROSCOPIC INSTRUMENTS; PHOTOGRAMMETRY OR VIDEOGRAMMETRY
    • G01C21/00 Navigation; Navigational instruments not provided for in groups G01C1/00 - G01C19/00
    • G01C21/26 Navigation; Navigational instruments not provided for in groups G01C1/00 - G01C19/00 specially adapted for navigation in a road network
    • G01C21/34 Route searching; Route guidance
    • G01C21/3453 Special cost functions, i.e. other than distance or default speed limit of road segments
    • G01C21/3461 Preferred or disfavoured areas, e.g. dangerous zones, toll or emission zones, intersections, manoeuvre types, segments such as motorways, toll roads, ferries
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04K SECRET COMMUNICATION; JAMMING OF COMMUNICATION
    • H04K1/00 Secret communication
    • H04K1/02 Secret communication by adding a second signal to make the desired signal unintelligible
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/065 Encryption by serially and continuously modifying data stream elements, e.g. stream cipher systems, RC4, SEAL or A5/3
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/12 Transmitting and receiving encryption devices synchronised or initially set up in a particular manner
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords

Definitions

  • the present invention relates to an information processing device.
  • OSI Open System Interconnection
  • the physical layer of layer 1 to the application layer of layer 7 are separated, and the interface connecting the layers is standardized or de facto standardized.
  • the lowest layer is the physical layer that plays a role of actually transmitting and receiving signals by wire/wireless.
  • security (often relying on mathematical encryption) is implemented in layer 2 and above, and no security measures are taken in the physical layer. However, there is a risk of eavesdropping even at the physical layer.
  • optical fiber communication which is a representative of wired communication
  • Y-00 Yuen-2000 (hereinafter, referred to as “Y-00”) protocol
  • the data is multivalued to increase the data transmission rate.
  • in signal transmission/reception, when communication is performed using two signal points (for example, signal points having optical signal intensities of two stages), only one bit of information can be transmitted per transmission of one signal point.
  • four signal points for example, signal points having four levels of signal strength
  • 2-bit information can be transmitted per transmission of one signal point. That is, the data transfer rate can be increased by increasing the number of signal points and making the signal multi-valued.
  • the purpose of the present invention is to improve the safety of data transmission and the data transfer rate, and to reduce the increase in cost at that time.
  • FIG. 2 is a diagram illustrating an outline of the principle of the Y-00 protocol applied to the cryptographic communication system of FIG. 1. It is a figure which shows the example which employ
  • FIG. 1 is a diagram showing a configuration example of a cryptographic communication system including a transmission device which is an embodiment of an information processing device of the present invention.
  • the cipher communication system in the example of FIG. 1 is configured to include a transmitting device 1, a receiving device 2, and an optical communication path C.
  • the transmitter 1 and the receiver 2 are connected via an optical communication path C such as an optical fiber.
  • the transmitter 1 and the receiver 2 construct an encrypted communication system that performs encrypted communication according to the Y-00 protocol.
  • the term system is intended to mean an overall device including a plurality of devices and a plurality of means.
  • a removable medium 31 including a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is appropriately mounted on the drive 20.
  • the program read from the removable medium 31 by the drive 20 is installed in the storage unit 18 as needed. Further, the removable medium 31 can also store various data stored in the storage unit 18 similarly to the storage unit 18.
  • the transmission device 1 includes a plaintext data providing unit 101, an OSK control unit 102, an optical signal modulation unit 103, an optical signal transmission unit 104, a random number management unit 105, and an irregular mapping control unit 106.
  • the random number management unit 105 manages each pseudo random number used in the transmission device 1. For example, the random number management unit 105 generates and manages the first pseudo random number data based on the first common key.
  • the first common key is a bit string of a predetermined length used as an initial value for generating the pseudo random number data used in the OSK control unit 102.
  • the second common key is a bit string of a predetermined length used as the initial value for generating the pseudo random number data used in the irregular mapping control unit 106 described later. Further, the random number management unit 105 generates and manages the second pseudo random number data based on the second common key.
  • the second pseudo random number data is pseudo random number data used by the irregular mapping control unit 106 and is distinguished from the first pseudo random number data used by the OSK control unit 102.
  • the random number management unit 205 basically has the same function and configuration as the random number management unit 105 of the transmission device 1 of FIG. That is, the first pseudo random number data is generated and managed based on the first common key, and the second pseudo random number data is generated and managed based on the second common key. In other words, the random number management unit 205 of the reception device 2 generates and manages the first pseudo random number data and the second pseudo random number data based on the same first common key and second common key as the random number management unit 105 of the transmission device 1. As a result, the pseudo random number information related to the encryption by the transmitter 1 and the pseudo random number information related to the decryption by the receiver 2 are shared.
  • the irregular mapping control unit 206 has the same function and configuration as the irregular mapping control unit 106 in FIG.
  • map data Ma is given as an example of map data.
  • the first bit from the top of the encrypted data CT is associated with the upper bit of the vertical in-base signal point number LBN1.
  • the second bit from the top of the encrypted data CT is associated with the lower bit of the vertical direction intra-base signal point number LBN1.
  • the third bit from the top of the encrypted data CT is associated with the upper bit of the horizontal in-base signal point number TBN1.
  • the fourth bit from the top of the encrypted data CT is associated with the lower bit of the horizontal in-base signal point number TBN1.
  • the encryption unit 111 generates the result of the XOR operation on the plaintext data PT and the first pseudo random number data PR1 as the encrypted data CT. Specifically, for example, the bit string "0101" that is the plaintext data PT is XORed with the bit string "1100" that is the first pseudo random number data PR1 to generate "1001" as the bit string of the encrypted data CT.
  • the division unit 121 divides the encrypted data CT into the vertical direction intra-base signal point number LBN1 and the horizontal direction intra-base signal point number TBN1 based on the map data Ma provided by the map management unit 122. Specifically, for example, “10” is generated as the vertical in-base signal point number LBN1 and “01” is generated as the horizontal in-base signal point number TBN1 based on the encrypted data CT and the map data Ma in the above example.
  • the intra-base signal point number generation unit 113 generates intra-base signal point number information based on the vertical direction intra-base signal point number LBN1 and the horizontal direction intra-base signal point number TBN1. Specifically, for example, the vertical direction intra-base signal point number LBN1 and the horizontal direction intra-base signal point number TBN1 are connected to generate “1001” as the intra-base signal point number information. As a result, for example, the signal point indicated by the intra-base signal point number Z1001 is specified from among the bases of 16 signal points shown in FIG. As described above, in the example of the processing A in FIG. 9, the OSK control unit 102 generates the intra-base signal point number Z1001.
  • the process B of FIG. 9 is a diagram showing an example of the encryption of the plaintext data to which the OSK process of FIG. 8 is applied and the generation of the intra-base signal point number, using map data different from that of the process A of FIG. 9.
  • the plaintext data PT and the first pseudo random number data PR1 are the same as those of the example of the process A of FIG.
  • map data Mb is given as an example of map data.
  • the first bit from the top of the encrypted data CT is associated with the upper bit of the horizontal in-base signal point number TBN2.
  • the second bit from the top of the encrypted data CT is associated with the lower bit of the vertical in-base signal point number LBN2.
  • the third bit from the top of the encrypted data CT is associated with the upper bit of the vertical direction intra-base signal point number LBN2.
  • the fourth bit from the top of the encrypted data CT is associated with the lower bit of the horizontal in-base signal point number TBN2.
  • the dividing unit 121 divides the encrypted data CT into the vertical direction intra-base signal point number LBN2 and the horizontal direction intra-base signal point number TBN2 based on the map data Mb provided by the map management unit 122. Specifically, for example, “00” is generated as the vertical intra-base signal point number LBN2 and “11” is generated as the horizontal intra-base signal point number TBN2 based on the encrypted data CT and the map data Mb in the above example.
  • the table for associating the in-base signal point numbers with the signal points can be reduced as follows.
  • the intra-base signal point number is a number that uniquely identifies each of the plurality of signal points that form the base. Therefore, the size of the table that associates the in-base signal point numbers with the signal points is equal to the number of signal points.
  • the size of the table is an amount that represents the number of correspondences that form the table. That is, for example, in the above example, a table including the correspondence between 16 intra-base signal point numbers and signal points is required. Specifically, for example, the table starts as follows. In the intra-base signal point number Z0000, the component I is the smallest and the component Q is the smallest. In the intra-base signal point number Z0001, the component I is the second smallest and the component Q is the first smallest.
  • the intra-base signal point numbers and the signal points are associated with each other when the encrypted data CT is divided into two, that is, the vertical direction intra-base signal point numbers and the horizontal direction intra-base signal point numbers.
  • the horizontal in-base signal point number and the vertical in-base signal point number respectively determine the component I and the component Q. Therefore, two tables for identifying the signal point number in the base and the signal point in association with each other are required.
  • the required size of each of the tables for the horizontal direction intra-base signal point numbers and the vertical direction intra-base signal point numbers is equal to the number of horizontal direction intra-base signal point numbers and the number of vertical direction intra-base signal point numbers, respectively.
  • a table consisting of the correspondence between four vertical direction in-base signal point numbers and signal points is required. That is, the sum of the size of the table for the horizontal in-base signal point numbers and the size of the table for the vertical in-base signal point numbers is 8. This is smaller than 16, which is the size when simply generating the intra-base signal point number information.
  • the data capacity secured in the storage unit 18 holding the table and the data capacity secured in the RAM 13 can be reduced.
  • the lower limit of the performance required for the hardware of the transmitter 1 can be reduced. That is, the production cost of the transmitter 1 can be reduced.
  • the signal point number information in the base and the signal points are associated in order, but the invention is not limited to this. That is, as described above, in order to improve the safety of data transmission, it is desirable to change the association between the signal point number in the base and the signal point continuously.
  • the partitioning unit 121 partitions each of the bits forming the encrypted data into the bits forming the vertical direction intra-base signal point number and the horizontal direction intra-base signal point number based on the map data provided from the map management unit 122, and generates the vertical direction in-base signal point number information and the horizontal direction in-base signal point number information.
  • the map management unit 122 can switch the map data to be provided based on the third pseudo random number data. That is, by replacing the third pseudo random number data with the passage of time, it is possible to switch the map data to be provided and to continuously change the association between the signal point number in the base and the signal point. As a result, it is possible to improve the safety of data transmission while reducing the increase in cost. Also, the complexity of designing individual map data can be reduced. In other words, by dividing the intra-base signal point number, it is possible to reduce an increase in cost for designing the transmission device 1 when the number of signal points included in the base is increased.
  • FIG. 10 is a flowchart illustrating an example of the flow of OSK control processing executed by the transmitting device having the functional configuration of FIG. 8.
  • the OSK control processing is executed when predetermined processing including OSK processing is performed on plaintext data that is data to be transmitted, to generate in-base signal point number information that specifies a signal point to be transmitted among bases composed of a plurality of signal points.
  • in step S11, the encryption unit 111 generates encrypted data based on the first pseudo random number data and the plaintext data that is the data to be transmitted.
  • in step S12, the map management unit 122 manages the map related to the classification and provides it as map data.
  • in step S13, the partitioning unit 121 partitions each of the bits forming the encrypted data into each of the bits forming the vertical in-base signal point number and the horizontal in-base signal point number based on the map data.
  • in step S14, the intra-base signal point number generation unit 113 generates, based on the set of two types of intra-base signal point numbers of the vertical direction intra-base signal point number information and the horizontal direction intra-base signal point number information, intra-base signal point number information, which is information indicating which signal point of the base is to be transmitted.
  • the details of the process, executed by the de-OSK control section 203 of the reception device 2 in FIG. 7, of performing predetermined processing including de-OSK processing on the intra-base signal point number information to generate decoded plaintext data will be described.
  • FIG. 11 is a block diagram illustrating a detailed configuration example of the de-OSK control unit in the receiving device of FIG. 7.
  • the de-OSK control unit 203 in the example of FIG. 11 includes an intra-base signal point number division unit 211, a de-segmentation management unit 212, and a decoding unit 213.
  • the intra-base signal point number division unit 211 divides the intra-base signal point number information corresponding to the received signal point among the bases composed of a plurality of signal points into a set of two types of intra-base signal point numbers: vertical intra-base signal point number information and horizontal intra-base signal point number information.
  • the declassification management unit 212 includes a declassification unit 221 and a map management unit 222.
  • the de-segmentation management unit 212 de-segments two types of intra-base signal point numbers of vertical direction intra-base signal point number information and horizontal direction intra-base signal point number information into encrypted data based on map data.
  • the de-segmenting unit 221 de-segments each of the bits forming the vertical in-base signal point number and the horizontal in-base signal point number into the bits forming the encrypted data, based on map data provided from a map management unit 222 described later, and generates encrypted data.
  • the above-described declassification is the reverse processing of the classification performed by the partitioning unit 121 in FIG. That is, for example, when the partitioning unit 121 performs partitioning based on the map "the first bit from the top of the encrypted data CT is associated with the upper bit of the lateral base signal point number TBN2," the de-segmenting unit 221 de-segments the high-order bit of the horizontal direction intra-base signal point number into the first bit from the top of the encrypted data.
  • the map management unit 222 manages a map related to declassification and provides it to the declassification unit 221 as map data. Specifically, for example, the map management unit 222 selects a map to be actually used from the maps to be managed based on the third pseudo random number data provided from the random number management unit 205 and provides it to the declassification unit 221.
  • the map related to the declassification unit provided by the map management unit 222 is, for example, the same as the map data provided to the classification unit 121 by the map management unit 122 of the transmission device 1. Thereby, the de-segmentation unit 221 can perform de-segmentation based on the map data used for the segmentation of the segmentation unit 121.
  • the decryption unit 213 performs the above-mentioned OSK removal processing on the encrypted data to generate decrypted plaintext data.
  • the de-OSK control unit 203, based on the first pseudo-random number data generated by the random number management unit 205, performs predetermined processing including de-OSK processing on the in-base signal point number information that is the received data, and generates decrypted plaintext data.
  • FIG. 12 is a flowchart illustrating an example of the flow of the de-OSK control process executed by the receiving device having the functional configuration of FIG. 11.
  • the de-OSK control process is executed when a predetermined process including the de-OSK process is performed on the in-base signal point number information, which is the received data, to generate the decrypted plaintext data.
  • in step S21, the intra-base signal point number division unit 211 divides the intra-base signal point number information corresponding to the received signal point among the bases of the plurality of signal points into a set of two types of intra-base signal point numbers: vertical intra-base signal point number information and horizontal intra-base signal point number information.
  • in step S22, the map management unit 222 manages the map related to declassification and provides it as map data.
  • in step S23, the de-segmentation unit 221 de-segments each of the bits forming the vertical direction intra-base signal point number and the horizontal direction intra-base signal point number based on the map data, and generates encrypted data.
  • in step S24, the de-OSK process is performed on the encrypted data to generate decrypted plaintext data.
  • FIG. 13 is a functional block diagram showing an example of a detailed functional configuration of the irregular mapping control unit 106 in the functional configuration of the transmission device 1 of FIG.
  • the parts corresponding to those in FIG. 3 are designated by the same reference numerals, and the description thereof will be omitted as appropriate.
  • the irregular mapping control unit 106 includes a classification management unit 131, an irregular mapping unit 132, and a base reference point information generation unit 133.
  • the division management unit 131 includes a map management unit 141 and a division unit 142.
  • the division management unit 131 divides the second pseudo random number data generated by the random number management unit 105 into two based on a predetermined rule, generating vertical irregular mapping input data that is an input of the vertical irregular mapping and lateral irregular mapping input data that is an input of the lateral irregular mapping.
  • a method based on any of the above-mentioned elements does not add to the encryption time. That is, it does not impair the absence of time delay during encryption, which is a feature of optical communication quantum cryptography using a protocol such as the Y-00 protocol.
  • the map management unit 141 selects a map based on at least predetermined pseudo random number information
  • the random number management unit 105 may generate third pseudo random number data using, as the initial value, a third common key, which is a bit string of a predetermined length different from both the first common key and the second common key described above, and the map management unit 141 may select the map based on the third pseudo random number data.
  • the dividing unit 142 divides the second pseudo random number data into two based on the dividing rule defined in one map selected by the map managing unit 141, and generates them as vertical irregular mapping input data and horizontal direction irregular mapping input data.
  • the vertical direction irregular mapping unit 151 performs irregular mapping processing on the vertical direction irregular mapping input data generated by the dividing unit 142 to generate vertical direction base reference point data.
  • the lateral irregular mapping unit 152 generates the lateral base reference point data by subjecting the lateral irregular mapping input data generated by the dividing unit 142 to irregular mapping processing.
  • the original irregular map is divided into two component irregular maps having the same size (in the present embodiment, each component irregular map in the vertical direction and each component irregular map in the horizontal direction) to be treated.
  • the size of each of the two component irregular maps that need to be designed, and the total size of these two component irregular maps are smaller than when the entire original irregular map is handled collectively.
  • the size is 2 × L.
  • the size of each lateral component irregular mapping is 2 × L. That is, when the original irregular map is divided into two component irregular maps, the combined size is 4 × L.
  • the size of each component irregular mapping that needs to be designed becomes smaller, and thus the complexity of designing each individual component irregular mapping is also reduced.
  • by dividing the original irregular mapping it is possible to reduce an increase in cost for designing the transmission device, which is caused by increasing the number of signal points.
  • the base reference point information generation unit 133 combines the vertical direction base reference point data and the horizontal direction base reference point data to generate information that defines the origin for specifying the base, that is, base reference point information.
  • FIG. 14 is a diagram illustrating an example of a process of classifying pseudo random number information based on map data, which is performed by the classifying unit 142.
  • the division management unit 131 divides the 4-bit information specifying one intra-base signal point number into two pieces of 2-bit information specifying the vertical and horizontal intra-base signal point numbers, respectively.
  • the process A in FIG. 14 is performed by the partitioning unit 142 to partition the second pseudo-random number data PR2 into vertical irregular mapping input data LIMN1 and horizontal irregular mapping input data TIMN1 based on the map data Mc.
  • in the map data Mc, a classification rule is established in which the two bits (10) on the left side of the second pseudo random number data PR2 are classified as vertical direction irregular mapping input data LIMN1, and the two bits on the right side (01) are classified as horizontal direction irregular mapping input data TIMN1.
  • the process B in FIG. 14 is performed by the dividing unit 142 to divide the second pseudo random number data PR2 into vertical irregular mapping input data LIMN2 and horizontal irregular mapping input data TIMN2 based on the map data Md.
  • in the map data Md, a partitioning rule is defined that combines the second bit (0) from the left and the third bit (0) from the left of the second pseudo random number data PR2 and partitions them (00) as the vertical direction irregular mapping input data LIMN2, and combines the leftmost bit (1) and the rightmost bit (1) and partitions them (11) as the lateral irregular mapping input data TIMN2.
  • if the map management unit 141 manages a plurality of maps and selects one of them based on one or more elements including at least a predetermined operation, a predetermined algorithm, and predetermined pseudo random number information, an eavesdropper who steals data requires an additional work step to identify how the map is selected when attempting to decrypt it. That is, the cost for the eavesdropper is further increased.
  • FIG. 15 is a functional block diagram showing an example of a detailed functional configuration of the irregular mapping control unit 206 in the functional configuration of the receiving device of FIG. 7.
  • the parts corresponding to those in FIG. 7 are designated by the same reference numerals, and the description thereof will be omitted as appropriate.
  • the irregular mapping control unit 206 includes a section management unit 231, an irregular mapping unit 232, and a base reference point information generation unit 233.
  • the division management unit 231 includes a map management unit 241 and a division unit 242.
  • the irregular mapping unit 232 includes a vertical irregular mapping unit 251 and a horizontal irregular mapping unit 252.
  • the map management unit 241 has the same function and configuration as the map management unit 141 of FIG. 13, and the partition unit 242 has the same function and configuration as the partition unit 142 of FIG. That is, the division management unit 231 has the same function and configuration as the division management unit 131 of FIG.
  • the vertical irregular mapping unit 251 has the same function and configuration as the vertical irregular mapping unit 151 of FIG. 13, and the horizontal irregular mapping unit 252 has the same function and configuration as the horizontal irregular mapping unit 152 of FIG. That is, the irregular mapping section 232 has the same function and configuration as the irregular mapping section 132 of FIG.
  • the base reference point information generation unit 233 has the same function and configuration as the base reference point information generation unit 133 of FIG.
  • the irregular mapping control unit 206 has the same function and configuration as the irregular mapping control unit 106 of FIG.
  • FIG. 16 is a flowchart illustrating the irregular mapping control process executed by the irregular mapping controller 106 of the transmitter 1 and the irregular mapping controller 206 of the receiver 2.
  • the irregular mapping control unit 206 has the same function and configuration as the irregular mapping control unit 106 of FIG. In the description of FIG. 16, the irregular mapping control unit 106 of the transmission device 1 will be described as an example.
  • the map management unit 141 manages the map relating to the classification of the pseudo random number data and provides it as map data. Specifically, for example, the map management unit 141 manages a map defining a particular division rule that divides the second pseudo random number data, which is the input of the irregular mapping control unit 106, into the vertical irregular mapping input data, which is the input of the vertical irregular mapping, and the lateral irregular mapping input data, which is the input of the lateral irregular mapping.
  • the classification unit 142 classifies the pseudo random number data into two based on the map data. Specifically, for example, the classification unit 142 classifies the second pseudo-random number data generated by the random number management unit 105 into vertical irregular mapping input data and lateral irregular mapping input data, based on the rule defined in the one map selected by the map management unit 141.
  • in step S33, the vertical direction irregular mapping unit 151 and the horizontal direction irregular mapping unit 152 perform irregular mapping processing on each of the divided pseudo random number data. Specifically, for example, the vertical direction irregular mapping unit 151 generates vertical direction base reference point data by performing irregular mapping processing on the vertical direction irregular mapping input data generated by the partitioning unit 142. Similarly, the horizontal direction irregular mapping unit 152 generates the horizontal direction base reference point data by performing irregular mapping processing on the horizontal direction irregular mapping input data generated by the partitioning unit 142.
  • the base reference point information generation unit 133 generates base reference point information. Specifically, for example, the base reference point information generation unit 133 combines the vertical direction base reference point data and the horizontal direction base reference point data to generate information that defines the origin for specifying the base, that is, base reference point information.
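The flow described above (partition by a map, one irregular mapping per component, then combination) can be sketched as follows. This is an added example, not code from the patent: the encoding of a map as lists of bit positions, the 8-bit word width, the hash-ordered lookup tables standing in for designed irregular mappings, and all names are assumptions, and the functions accept any number of components rather than only two.

```python
import hashlib

WIDTH = 8  # assumed width of one second-pseudo-random-number word

# Two candidate maps (assumed encoding): one list of bit positions per
# component, vertical first, horizontal second; bit 0 is the LSB.
MAP_A = [[7, 5, 3, 1], [6, 4, 2, 0]]   # interleaved bits
MAP_B = [[7, 6, 5, 4], [3, 2, 1, 0]]   # high nibble / low nibble

def validate_map(division_map, width):
    """A division rule must use every input bit exactly once."""
    used = sorted(p for positions in division_map for p in positions)
    if used != list(range(width)):
        raise ValueError("map must cover each bit position exactly once")

def partition(prn_word, division_map):
    """Split one pseudo random word into the component inputs."""
    parts = []
    for positions in division_map:
        value = 0
        for pos in positions:  # first listed position becomes the MSB
            value = (value << 1) | ((prn_word >> pos) & 1)
        parts.append(value)
    return parts

def build_irregular_table(label, bits):
    """Return a fixed bijection on range(2**bits).

    Stand-in for a designed irregular mapping: indices are ordered by a
    SHA-256 digest, which yields a permutation without regular structure.
    """
    return sorted(range(1 << bits),
                  key=lambda i: hashlib.sha256(f"{label}:{i}".encode()).digest())

# One table per component; both ends must hold identical tables.
TABLES = [build_irregular_table("vertical", 4),
          build_irregular_table("horizontal", 4)]

def base_reference_point(prn_word, division_map, tables):
    """Partition, apply each component mapping, combine into one point."""
    validate_map(division_map, WIDTH)
    inputs = partition(prn_word, division_map)
    return tuple(table[x] for table, x in zip(tables, inputs))

# Constructed sample words standing in for the second pseudo random number data.
SAMPLE_PRN = [0xB4, 0x3C, 0xE1]

def run(division_map):
    """Base reference points for the sample words under one selected map."""
    return [base_reference_point(w, division_map, TABLES) for w in SAMPLE_PRN]

if __name__ == "__main__":
    sender, receiver = run(MAP_A), run(MAP_A)
    print("MAP_A:", sender, "in sync:", sender == receiver)
    print("MAP_B:", run(MAP_B))
```

Transmitter and receiver stay in step only while they share the same pseudo random words, the same selected map and the same component tables; a mismatch in any one of the three changes the derived base reference point.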
  • the present invention is not limited to the above-described embodiment, and modifications, improvements, etc. within a range in which the object of the present invention can be achieved are included in the present invention.
  • the random number management unit 105 is supposed to generate and manage the first pseudo random number data to the third pseudo random number data based on the first common key to the third common key, but it is not particularly limited to this. That is, for example, it is sufficient if the first pseudo random number data to the third pseudo random number data can be generated by performing a predetermined process from an arbitrary number of common keys. That is, for simplicity of description, in the description of the embodiments of the present specification, the pseudo random number data generated by the random number management unit 105 is the pseudo random number data used by the OSK control unit 102.
  • the second pseudo random number data is pseudo random number data used by the irregular mapping control unit 106
  • the third pseudo random number data is pseudo random number data used by the map management unit 122. Further, the above contents are the same as in the random number management unit 205 of the receiving device 2.
  • the optical signal is generated based on the intra-base signal point number information generated by the OSK control unit 102 and the base reference point information generated by the irregular mapping control unit 106.
  • the modulator 103 is configured to modulate an optical signal, but the present invention is not limited to this.
  • the OSK control unit 102 generates plaintext data subjected to the OSK processing as encrypted data (that is, the OSK control unit 102 in FIG. 8 does not include the classification management unit 112 and the intra-base signal point number generation unit 113).
  • the irregular mapping control unit 106 performs irregular mapping processing in the irregular mapping unit 132 on the vertical irregular mapping input data and the horizontal irregular mapping input data generated by the classification management unit 131.
  • the vertical base reference point data and the horizontal base reference point data are generated (that is, the configuration in which the base reference point information generation unit 133 is removed from the irregular mapping control unit 106 in FIG. 13), and further
  • the signal modulation unit 103 uses the vertical direction base reference point data and the horizontal direction base reference point data to offset the signal points in the signal transmission in the vertical direction and the horizontal direction (for example, in the case of QAM, the phase offset and the amplitude offset), and the optical signal may be modulated based on information obtained by combining the offset information and the encrypted data information.
  • the original irregular mapping is described as being divided into two component irregular mappings in the vertical direction and the horizontal direction, but the present invention is not particularly limited to this. That is, the original irregular map may be divided into m (m is an integer value of 2 or more) component irregular maps. Further, for example, in this case, m or more pieces of each component irregular mapping may be prepared in advance, and the m component irregular maps may be selected based on elements including at least one or more of a predetermined operation, a predetermined algorithm, and predetermined pseudo random number information.
  • because the design method of the irregular mapping is not deterministic, different design criteria may be set for each of the plurality of component irregular mappings.
  • an eavesdropper must take into consideration the possibility of handling a plurality of component irregular maps with different design criteria when deciphering the stolen data. That is, since the work steps of the decryption work increase, the cost for the eavesdropper increases. Dividing the original irregular map reduces the design complexity of each individual component irregular map. Therefore, as described above, it becomes easy to set an individual design standard for each of the plurality of component irregular mappings.
  • the number of divisions of the original irregular mapping may be determined based on the ease of handling from the practical aspects of design and operation.
  • the circuit that has been one large block until now becomes a parallel circuit composed of subdivided blocks.
  • the width of the data bus of each subdivided block also becomes smaller. Therefore, the degree of freedom in design is increased. If the number of divisions of the original irregular mapping is determined based on the ease of handling from the practical aspects of design and operation, this increase in the degree of freedom in design can be utilized.
  • when it becomes necessary to exchange the respective component irregular maps for the purpose of maintenance, management, improvement, etc., there is no need to replace all the component irregular maps simultaneously in synchronization. That is, the respective component irregular maps may be exchanged at the optimum time. Further, the respective component irregular maps may be exchanged at a timing suitable for the administrator of the information processing apparatus.
  • the individual maps in the map management unit 141 can be exchanged at any time prior to communication, so if there is a suspicion of eavesdropping from some other environment, they may be replaced at a timing suitable for the administrator of the information processing device.
  • the map selection method in the map management unit 141 may be determined in consideration of the trade-off between the safety of signal transmission and the cost of design/production/operation. For example, when the map management unit 141 adopts at least a method of selecting one map based on predetermined pseudo random number information, an eavesdropper who deciphers the stolen data also needs to decipher the pseudo random number information, so the method is highly safe. However, when the method of selecting one map based on predetermined pseudo-random number information is adopted, an additional pseudo-random number generator is required, so that the cost for designing, producing, and operating becomes high.
  • if the number of signal points is large enough, the number of possible division rules that can be defined in one map can by itself make the cost of identifying the map sufficiently large when an eavesdropper deciphers the stolen data.
  • a method that does not use pseudo random number information may be adopted for the purpose of cost reduction.
  • a map may be selected based on pseudo random number information in order to compensate for the decrease in the number of possible division rules that can be defined in one map.
  • a method based on predetermined pseudo random number information may be positively adopted.
  • the plaintext data providing unit 101 is configured to receive and provide plaintext data transmitted by the transmitting device 1 in an unencrypted state, but the present invention is not limited to this.
  • the data used to verify the operation of the transmission device 1 may be generated inside the plaintext data providing unit 101.
  • the cryptographic communication system is configured to include the transmission device 1, the reception device 2, and the optical communication path C, but the invention is not particularly limited to this. That is, for example, each of the transmitting device and the receiving device may be a transmitting/receiving device. Specifically, for example, the transmitting device may further include a receiver that receives an optical signal as an input unit, and the receiving device may further include a transmitter that transmits an optical signal as an output unit. This allows the transmitting/receiving devices to communicate with each other. Furthermore, in the encrypted communication system, the transmitting/receiving device is not limited to the one-to-one connection. That is, for example, a plurality of optical communication paths may be connected to each other by including a splitter that branches an optical signal, or a plurality of transmission/reception devices may be connected to each other to form a network.
  • the plaintext data providing unit 101 acquires the plaintext data to be transmitted, but the present invention is not limited to this. That is, for example, the plaintext data providing unit 101 only needs to acquire or generate the predetermined information and provide it. Specifically, for example, data relating to operation verification of the cryptographic communication system may be internally generated as the predetermined information.
  • the partitioning unit 142 of the partitioning management unit 131 partitions the second pseudo random number data into two based on the partitioning rule defined in the selected one map.
  • the classification unit may be any classification management unit that classifies the pseudo random number information into m types of pseudo random number information based on a predetermined rule.
  • the partitioning unit may partition the second pseudo random number data into three pieces: vertical direction irregular mapping input data, horizontal direction irregular mapping input data, and depth direction irregular mapping input data. As a result, the safety of data transmission of the transmission target information is further improved.
  • the series of processes described above can be executed by hardware or software.
  • the functional configurations of FIGS. 6 and 7 are merely examples, and are not particularly limited. That is, it is sufficient if the information processing system has a function capable of executing the above-described series of processing as a whole, and what kind of functional block is used to realize this function is not particularly limited to the examples of FIGS. 3 and 4. Further, the location of the functional block is not particularly limited to that shown in FIGS. 3 and 4 and may be any location. Further, one functional block may be configured by hardware alone, software alone, or a combination thereof.
  • Section management means for example, section management section 112 in FIG. 8) for classifying into lateral direction base signal point number TBN2), Transmission information generation means (for example, intra-base signal point number generation unit 113 in FIG. 8) that generates transmission target information (for example, intra-base signal point number information) based on the set of n types of identifiers; An information processing device including the above is sufficient.
  • the classification management unit manages a plurality of maps (for example, the map data Ma and the map data Mb in FIG. 9) that define each of a plurality of rules that can be adopted as the predetermined rule, and a rule based on any one of them can be adopted as the predetermined rule to classify the predetermined information identifier into the n kinds of identifiers.
  • a plurality of maps for example, the map data Ma and the map data Mb in FIG. 9
  • Irregularization processing means for example, the vertical direction irregularity in FIG. 13 that generates predetermined irregularity processing for each of the m types of second pseudo-random number information as m types of base reference point information.
  • Modulation reference point determining means for determining m types of components of the reference points for signal modulation based on the m types of base reference point information (for example, the base reference point information generation unit 133 of FIG. 13 or the base reference point information generation unit 233 of FIG. 15).
  • An information processing device including the above is sufficient.
  • Horizontal irregular mapping input data TIMN2... Horizontal irregular mapping input data, Z0000... Intra-base signal point number, Z0001... Intra-base signal point number, Z0011... Intra-base signal point number, Z0010... Intra-base signal point number, Z0100... Intra-base signal point number, Z0101... Intra-base signal point number, Z0111... Intra-base signal point number, Z0110... Intra-base signal point number, Z1100... Intra-base signal point number, Z1101... Intra-base signal point number, Z1111.

Abstract

The object of the present invention is to improve the security of data transmission and the data transfer rate, and to limit the increase in cost for that improvement. An encryption unit (111) of a transmission device (1) generates encrypted data from which the plaintext data can be uniquely identified. A classification unit (121) classifies the encrypted data into two types of base signal point number information based on map data provided by a map management unit (122). An intra-base signal point number generation unit (113) generates intra-base signal point number information, used as the information to be transmitted, based on a set of the two types of information, that is, horizontal base signal point number information and vertical base signal point number information.
PCT/JP2019/005903 2019-02-18 2019-02-18 Information processing device WO2020170316A1 (fr)

Priority Applications (3)

Application Number Priority Date Filing Date Title
PCT/JP2019/005903 WO2020170316A1 (fr) 2019-02-18 2019-02-18 Information processing device
JP2021501168A JP7072958B2 (ja) 2019-02-18 2019-02-18 Information processing device
US17/431,487 US20220136848A1 (en) 2019-02-18 2019-02-18 Information processing device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2019/005903 WO2020170316A1 (fr) 2019-02-18 2019-02-18 Information processing device

Publications (1)

Publication Number Publication Date
WO2020170316A1 true WO2020170316A1 (fr) 2020-08-27

Family

ID=72143775

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2019/005903 WO2020170316A1 (fr) 2019-02-18 2019-02-18 Information processing device

Country Status (3)

Country Link
US (1) US20220136848A1 (fr)
JP (1) JP7072958B2 (fr)
WO (1) WO2020170316A1 (fr)

Also Published As

Publication number Publication date
JPWO2020170316A1 (ja) 2021-12-02
JP7072958B2 (ja) 2022-05-23
US20220136848A1 (en) 2022-05-05

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19915830

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 2021501168

Country of ref document: JP

Kind code of ref document: A

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19915830

Country of ref document: EP

Kind code of ref document: A1